JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.21.158.252

34.21.158.252 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 42%: ?

42%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	252.158.21.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.21.158.252

Whois 34.21.158.252

IP Abuse Reports for 34.21.158.252:

This IP address has been reported a total of 16 times from 11 distinct sources. 34.21.158.252 was first reported on May 20th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-23 21:59:33 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-22. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-05-22 22:01:06 (3 weeks ago)	Auto-ban: >3000 req/min op 2026-05-22	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-22 19:00:03 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 14:59:55.776579 2026] [security2:error] [pid 25519:tid 25519] [client 34.21.158.252:54180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.burningdownthevillger.com.tremulant.com"] [uri "/.git/config"] [unique_id "ahCnqyv1eeT2-ELf60eHDgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 15:51:44 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 11:51:36.981350 2026] [security2:error] [pid 25020:tid 25020] [client 34.21.158.252:39308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.virlouiserecords.virlouise.com"] [uri "/.git/config"] [unique_id "ahB7iPu7JzqbvA9_qo-q5wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-05-22 13:37:11 (3 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 11:03:15 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.21.158.252 (252.158.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:03:08.408578 2026] [security2:error] [pid 13423:tid 13423] [client 34.21.158.252:43420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.title13.com"] [uri "/.git/config"] [unique_id "ahA37MbAa-SfAC9PkxIxbwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-05-22 10:40:10 (3 weeks ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 10:37:28 (3 weeks ago)	(mod_security) mod_security (id:949110) triggered by 34.21.158.252 (252.158.21.34.bc.googleuserconte ... show more (mod_security) mod_security (id:949110) triggered by 34.21.158.252 (252.158.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 06:37:24.693699 2026] [security2:error] [pid 17013:tid 17013] [client 34.21.158.252:50144] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "mail.tecumsehdentalcenter.com"] [uri "/.git/config"] [unique_id "ahAx5NMWtNUUKsbTBJtcvgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-22 09:16:51 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.158.252 (SG/Singapore/252.158.2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.158.252 (SG/Singapore/252.158.21.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-05-22 06:12:20 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.158.252 (SG/Singapore/252.158.2 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.158.252 (SG/Singapore/252.158.21.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 dynamix	2026-05-22 06:08:17 (3 weeks ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-05-22 04:10:03 (3 weeks ago)	\| [Dangerous/Singapore] Aggressive IP 34.21.158.252 (~30 hits). Type: DoS Defender- Web server 400 e ... show more \| [Dangerous/Singapore] Aggressive IP 34.21.158.252 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇳🇱 Cloud86 B.V.	2026-05-22 03:52:08 (3 weeks ago)	categories: DDoS Attack	DDoS Attack
🇪🇸 Michael McCarthy	2026-05-20 09:52:07 (3 weeks ago)		Web Spam
🇬🇧 PeravixGroup	2026-05-20 09:31:32 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.179

🇩🇪 167.94.145.29

🇺🇸 104.37.184.165

🇮🇩 103.188.177.46

🇳🇱 91.92.40.4

🇯🇵 58.98.197.137

🇺🇸 40.77.167.131

🇵🇱 217.70.48.92

🇺🇸 205.210.31.31

🇲🇽 177.229.197.38

🇦🇪 176.205.34.35

🇭🇰 152.32.189.59

🇨🇳 123.160.73.134

🇮🇳 98.70.3.41

🇺🇸 57.141.20.27

🇸🇬 47.84.194.245

🇳🇱 45.142.193.161

🇨🇳 2408:4005:3dc:e600:826d:8267:b908:341a

🇵🇾 186.16.46.105

🇫🇷 109.123.251.5